-
-
Notifications
You must be signed in to change notification settings - Fork 687
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
<template> cannot appear alone. #37
Comments
That's actually expected behavior. And it relates to what happens for example with <style> => ''
1<style> => '1'<style></style> For the browser, a "naked" style (or template) element has You can work around that by setting |
I get the idea. However, what would if I really want to have a clean In addition, I think this behavior kind of breaks the point of jPurify - maybe I should file a bug there as well. |
I understand. In DOMPurify you want to actually clean strings from unwanted code. So there, it doesn't really hurt if we keep following browser behavior. In jPurify however, people might want to use Yeah, I think a ticket for jPurify would be best. Thx! |
Closed, as the jPurify issue has been fixed and DOMPurify is not supposed to be used as factory. |
For example,
<template>
is removed but<div><template>
is alright. Not sure if it is intended behavior?Tested in latest Chrome and Firefox with DOMPurify 0.4.3.
The text was updated successfully, but these errors were encountered: